Method for creating communities of trust in a secure communication system

PublishedApril 10, 2001

Assigneenot available in USPTO data we have

Inventorsnot available in USPTO data we have

Technical Abstract

Patent Claims

16 claims

Legal claims defining the scope of protection, as filed with the USPTO.

1. A method for creating communities of trust, the method comprises the steps of: a) obtaining an arbitrary list of trusted public key certificates; b) determining whether the arbitrary list of the trusted public key certificates was obtained in a manner consistent with a security policy of a secure community; and c) when the arbitrary list of trusted public key certificates was obtained in a manner consistent with a security policy, adding trusted public key certificates of the arbitrary list to a trusted public key list.

2. The method of claim 1 further comprises: obtaining the arbitrary list which includes at least one public key certificate of at least one of an associated authority and an end-user.

3. The method of claim 2 further comprises obtaining the at least one public key certificate from another end-user.

4. The method of claim 2 further comprises obtaining the at least one public key certificate from an associated authority.

5. The method of claim 2 further comprises maintaining a record indicating whether a certificate contained in the trusted public key list was obtained by importing an end-user certificate from the another end-user, importing the end-user certificate from an associated authority, importing an associated authority public key certificate from the another end-user, or importing the associated authority public key certificate from the associated authority.

6. The method of claim 2 further comprises: receiving a request to perform a security related operation; determining whether an associated public key certificate of the security related operation is verified as authentic; and when the associated public key certificate is authentic, performing the security related operation using a subject public key of the associated public key certificate.

7. A method for creating communities of trust, the method comprises the steps of: obtaining an arbitrary list of trusted public key certificates including at least one public key certificate of at least one of an associated authority and an end-user; determining whether the arbitrary list of the trusted public key certificates was obtained in a manner consistent with a security policy of a secure community; when the arbitrary list of trusted public key certificates was obtained in a manner consistent with a security policy, adding trusted public key certificates of the arbitrary list to a trusted public key list; receiving a request to perform a security related operation; determining whether the associated public key certificate substantially matches a public key certificate stored in the trusted public key list; and when the associated public key certificate substantially matches a public key certificate stored in the trusted public key list, performing the security related operation using a subject public key of the associated public key certificate.

8. The method of claim 1 further comprises, within step (a), receiving the arbitrary list from another end-user, wherein the arbitrary list includes a plurality of public key certificates of end-users.

9. The method of claim 1 further comprises, within step (a), receiving the arbitrary list from an associated authority, wherein the arbitrary list includes at least one public key certificate of an end-user.

10. A method for creating communities of trust, the method comprises the steps of: obtaining an arbitrary list of trusted public key certificates; determining whether the arbitrary list of the trusted public key certificates was obtained in a manner consistent with a security policy of a secure community when the arbitrary list is received via at least one of: importing the arbitrary list from another end-user, importing the arbitrary list from an associated authority, importing a certificate of an end-user from another end-user, importing a certificate of an associated authority from the another end-user, importing the certificate of the associated authority from the associated authority, and importing the certificate of the end-user form the associated authority; and when the arbitrary list of trusted public key certificates was obtained in a manner consistent with a security policy, adding trusted public key certificates of the arbitrary list to a trusted public key list.

11. The method according to claim 1, wherein a community of trust includes a plurality of end-users; wherein the arbitrary list of trusted public key certificates is obtained by a respective end-user of the plurality of end-users; wherein whether the arbitrary list of the trusted public key certificates was obtained in a manner consistent with a security policy of a secure community is determined by the respective end-user; and wherein, when the arbitrary list of trusted public key certificates was obtained in a manner consistent with a security policy, trusted public key certificates of the arbitrary list are added to a trusted public key list by the respective end-user.

12. The method of claim 7 further comprises, within step (a), receiving the arbitrary list from another end-user, wherein the arbitrary list includes a plurality of public key certificates of end-users.

13. The method of claim 7 further comprises, within step (a), receiving the arbitrary list from an associated authority, wherein the arbitrary list includes at least one public key certificate of an end user.

14. The method according to claim 7, wherein a community of trust includes a plurality of end-users; wherein the arbitrary list of trusted public key certificates is obtained by a respective end-user of the plurality of end-users; wherein whether the arbitrary list of the trusted public key certificates was obtained in a manner consistent with a security policy of a secure community is determined by the respective end-user; and wherein, when the arbitrary list of trusted public key certificates was obtained in a manner consistent with a security policy, trusted public key certificates of the arbitrary list are added to a trusted public key list by the respective end-user.

15. The method of claim 10 further comprises verifying the associated public key certificate by: determining whether the associated public key certificate substantially matches a public key certificate stored in the trusted public key list; and when the associated public key certificate substantially matches a public key certificate stored in the trusted public key list, performing the security related operation using a subject public key of the associated public key certificate.

16. The method according to claim 10, wherein a community of trust includes a plurality of end-users; wherein the arbitrary list of trusted public key certificates is obtained by a respective end-user of the plurality of end-users; wherein whether the arbitrary list of the trusted public key certificates was obtained in a manner consistent with a security policy of a secure community is determined by the respective end-user; and wherein, when the arbitrary list of trusted public key certificates was obtained in a manner consistent with a security policy, trusted public key certificates of the arbitrary list are added to a trusted public key list by the respective end-user.

Classification Codes (CPC)

Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.

G06F H04L

Patent Metadata

Filing Date

Unknown

Publication Date

April 10, 2001

Want to explore more patents?

Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.

Browse All Patents Try Prior Art Search